by Sutapa Ghadiali
Late 2020 was abuzz with another breaking news story. No, it wasn’t the pandemic or politics. This time, it was the SolarWinds supply chain attack that went undetected for months! SolarWinds is one of the largest network management system software companies with an established customer base that ranges from the private sector to government agencies.
The SolarWinds supply chain attack is a critical reminder that businesses must continue to be vigilant, ramp up security awareness training and closely monitor networks.
To summarize this attack, a malware termed SUNBURST was inserted into the SolarWinds Orion software code which enabled attackers to take control of the victims’ networks. Both commercial and federal customers downloaded and installed vulnerable versions of the software, giving attackers access to their network and sensitive information.
The SolarWinds supply chain attack is a critical reminder that businesses must continue to be vigilant, ramp up security awareness training and closely monitor networks.
Specifically, businesses should:
For a detailed list of cyber supply chain risk management best practices, read the National Institute of Standards and Technology conference workshop brief, referenced below.
REFERENCE